Commit Graph

2903 Commits

Author SHA1 Message Date
Hossein Shafagh 2317967802 lack of an empty config file was resulting into this error
```
Traceback (most recent call last):
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/tests/test_acme.py", line 159, in test_request_certificate
    self.acme.request_certificate(mock_acme, [], mock_order)
  File "/home/travis/build/Netflix/lemur/lemur/plugins/lemur_acme/plugin.py", line 211, in request_certificate
    current_app.config.get("IDENTRUST_CROSS_SIGNED_LE_ICA_EXPIRATION_DATE", "17/03/21"), '%d/%m/%y'):
TypeError: strptime() argument 1 must be str, not MagicMock
```
2020-07-15 17:04:49 -07:00
Hossein Shafagh d5ae45a0d0 Let's Encrypt has been using a cross-signed intermediate CA by DST Root CA X3, which is included in any older devices' TrustStore.
https://letsencrypt.org/certificates/

Let's Encrypt is transitioning to use the intermediate CA issued by their own root (ISRG X1) starting from September 29th 2020. This is in preparation of concluding the initial bootstrapping of their CA, by having it cross-signed by an older CA.
https://letsencrypt.org/2019/04/15/transitioning-to-isrg-root.html

This PR allows Lemur to pin to the cross-signed ICA (same public/private key pair as the ICA signed by ISRG X1). This will prolong support for incompatible systems.
2020-07-14 17:35:13 -07:00
dependabot-preview[bot] a46991646b
Merge pull request #3055 from Netflix/dependabot/pip/boto3-1.14.20 2020-07-13 17:50:03 +00:00
dependabot-preview[bot] fd2adad49e
Bump boto3 from 1.14.16 to 1.14.20
Bumps [boto3](https://github.com/boto/boto3) from 1.14.16 to 1.14.20.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.16...1.14.20)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 17:36:12 +00:00
dependabot-preview[bot] e3afaccf97
Merge pull request #3053 from Netflix/dependabot/pip/sqlalchemy-utils-0.36.8 2020-07-13 17:33:57 +00:00
dependabot-preview[bot] 05cae2ae8d
Bump sqlalchemy-utils from 0.36.7 to 0.36.8
Bumps [sqlalchemy-utils](https://github.com/kvesteri/sqlalchemy-utils) from 0.36.7 to 0.36.8.
- [Release notes](https://github.com/kvesteri/sqlalchemy-utils/releases)
- [Changelog](https://github.com/kvesteri/sqlalchemy-utils/blob/master/CHANGES.rst)
- [Commits](https://github.com/kvesteri/sqlalchemy-utils/compare/0.36.7...0.36.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 17:21:30 +00:00
dependabot-preview[bot] 5bfb98e097
Merge pull request #3054 from Netflix/dependabot/pip/acme-1.6.0 2020-07-13 17:19:25 +00:00
dependabot-preview[bot] ba9b633c45
Bump acme from 1.5.0 to 1.6.0
Bumps [acme](https://github.com/letsencrypt/letsencrypt) from 1.5.0 to 1.6.0.
- [Release notes](https://github.com/letsencrypt/letsencrypt/releases)
- [Commits](https://github.com/letsencrypt/letsencrypt/compare/v1.5.0...v1.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 17:04:17 +00:00
dependabot-preview[bot] e73c7db16b
Merge pull request #3056 from Netflix/dependabot/pip/pytest-mock-3.2.0 2020-07-13 17:02:18 +00:00
dependabot-preview[bot] 0517d01748
Bump pytest-mock from 3.1.1 to 3.2.0
Bumps [pytest-mock](https://github.com/pytest-dev/pytest-mock) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/pytest-dev/pytest-mock/releases)
- [Changelog](https://github.com/pytest-dev/pytest-mock/blob/master/CHANGELOG.rst)
- [Commits](https://github.com/pytest-dev/pytest-mock/compare/v3.1.1...v3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 16:44:52 +00:00
dependabot-preview[bot] 672f0e10f9
Merge pull request #3052 from Netflix/dependabot/pip/botocore-1.17.20 2020-07-13 16:43:03 +00:00
dependabot-preview[bot] d02128a093
Bump botocore from 1.17.16 to 1.17.20
Bumps [botocore](https://github.com/boto/botocore) from 1.17.16 to 1.17.20.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.16...1.17.20)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-13 13:38:55 +00:00
Hossein Shafagh d27a1292c5
Merge pull request #3051 from hosseinsh/reverse-package-lock-PR
reversing PR due to internal resolved addresses
2020-07-06 14:14:55 -07:00
Hossein Shafagh f6fed4ddc2 reversing PR due to internal resolved addresses 2020-07-06 14:08:31 -07:00
dependabot-preview[bot] a58e10f107
Merge pull request #3048 from Netflix/dependabot/pip/boto3-1.14.16 2020-07-06 19:05:47 +00:00
dependabot-preview[bot] 2aea0fbfba
Bump boto3 from 1.14.12 to 1.14.16
Bumps [boto3](https://github.com/boto/boto3) from 1.14.12 to 1.14.16.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.12...1.14.16)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 18:58:25 +00:00
dependabot-preview[bot] 0fa9ce7a6d
Merge pull request #3047 from Netflix/dependabot/pip/botocore-1.17.16 2020-07-06 18:56:00 +00:00
dependabot-preview[bot] f863a227ac
Bump botocore from 1.17.12 to 1.17.16
Bumps [botocore](https://github.com/boto/botocore) from 1.17.12 to 1.17.16.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.12...1.17.16)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 18:48:54 +00:00
dependabot-preview[bot] 31298845f5
Merge pull request #3049 from Netflix/dependabot/pip/sqlalchemy-utils-0.36.7 2020-07-06 18:46:16 +00:00
dependabot-preview[bot] 98c2e5cc31
Bump sqlalchemy-utils from 0.36.6 to 0.36.7
Bumps [sqlalchemy-utils](https://github.com/kvesteri/sqlalchemy-utils) from 0.36.6 to 0.36.7.
- [Release notes](https://github.com/kvesteri/sqlalchemy-utils/releases)
- [Changelog](https://github.com/kvesteri/sqlalchemy-utils/blob/master/CHANGES.rst)
- [Commits](https://github.com/kvesteri/sqlalchemy-utils/compare/0.36.6...0.36.7)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 18:37:07 +00:00
dependabot-preview[bot] 5e24e3fd91
Merge pull request #3045 from Netflix/dependabot/pip/sphinx-3.1.2 2020-07-06 18:34:31 +00:00
dependabot-preview[bot] 4050111291
Bump sphinx from 3.1.1 to 3.1.2
Bumps [sphinx](https://github.com/sphinx-doc/sphinx) from 3.1.1 to 3.1.2.
- [Release notes](https://github.com/sphinx-doc/sphinx/releases)
- [Changelog](https://github.com/sphinx-doc/sphinx/blob/3.x/CHANGES)
- [Commits](https://github.com/sphinx-doc/sphinx/compare/v3.1.1...v3.1.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 18:25:18 +00:00
dependabot-preview[bot] 343ea09813
Merge pull request #3046 from Netflix/dependabot/pip/python-ldap-3.3.1 2020-07-06 18:23:23 +00:00
dependabot-preview[bot] c384de7e19
Bump python-ldap from 3.3.0 to 3.3.1
Bumps [python-ldap](https://github.com/python-ldap/python-ldap) from 3.3.0 to 3.3.1.
- [Release notes](https://github.com/python-ldap/python-ldap/releases)
- [Commits](https://github.com/python-ldap/python-ldap/compare/python-ldap-3.3.0...python-ldap-3.3.1)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 18:12:45 +00:00
dependabot-preview[bot] d8bc7d34c5
Merge pull request #3050 from Netflix/dependabot/pip/pre-commit-2.6.0 2020-07-06 18:10:41 +00:00
dependabot-preview[bot] b329d1cdb9
Bump pre-commit from 2.5.1 to 2.6.0
Bumps [pre-commit](https://github.com/pre-commit/pre-commit) from 2.5.1 to 2.6.0.
- [Release notes](https://github.com/pre-commit/pre-commit/releases)
- [Changelog](https://github.com/pre-commit/pre-commit/blob/master/CHANGELOG.md)
- [Commits](https://github.com/pre-commit/pre-commit/compare/v2.5.1...v2.6.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 18:03:49 +00:00
dependabot-preview[bot] 0f00074500
Merge pull request #3044 from Netflix/dependabot/pip/coverage-5.2 2020-07-06 18:01:58 +00:00
dependabot-preview[bot] d65198cd2e
Bump coverage from 5.1 to 5.2
Bumps [coverage](https://github.com/nedbat/coveragepy) from 5.1 to 5.2.
- [Release notes](https://github.com/nedbat/coveragepy/releases)
- [Changelog](https://github.com/nedbat/coveragepy/blob/master/CHANGES.rst)
- [Commits](https://github.com/nedbat/coveragepy/compare/coverage-5.1...coverage-5.2)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-07-06 13:32:27 +00:00
Hossein Shafagh 75160ae5f3
Merge pull request #3041 from jramosf/patch-1
Fix unmatched field in Authorization
2020-07-02 10:34:04 -07:00
Hossein Shafagh e0c2f4274e
Merge branch 'master' into patch-1 2020-07-02 10:16:02 -07:00
Hossein Shafagh 4fd1d7d957
Merge pull request #3042 from jramosf/patch-2
Remove f from non-f string
2020-07-02 10:10:59 -07:00
Javier Ramos aa11088944
Remove f from non-f string 2020-07-02 16:48:41 +02:00
Javier Ramos 1f598e3752
Fix unmatched field in Authorization
The field in the formatted string was not matching the args
2020-07-02 16:41:19 +02:00
Hossein Shafagh 5870ff4713
Merge pull request #3040 from jramosf/patch-1
Raise ValidationError if CSR contains invalid CN
2020-07-01 14:48:55 -07:00
Javier Ramos 7a5a5531cc
Raise ValidationError if CSR contains invalid CN
If we supply a CSR that contains an empty field in the Subject, Lemur will crash with an error 500 as the ValueError exception is not captured. This change captures the exception and raises a ValidationError which in this case is a 400 sent back to client. Example to reproduce:

    Subject: C=ZZ, ST=Something, L=, O=My_Org, OU=My_Dept, CN=www.booking.com

The empty L= causes a ValueError which needs to be captured.
2020-07-01 15:44:06 +02:00
dependabot-preview[bot] 47946510d4
Merge pull request #3038 from Netflix/dependabot/pip/boto3-1.14.12 2020-06-29 17:20:43 +00:00
dependabot-preview[bot] 9ec7593bc7
Bump boto3 from 1.14.8 to 1.14.12
Bumps [boto3](https://github.com/boto/boto3) from 1.14.8 to 1.14.12.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.14.8...1.14.12)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-29 17:13:05 +00:00
dependabot-preview[bot] 6bb3fa20fb
Merge pull request #3037 from Netflix/dependabot/pip/cloudflare-2.8.3 2020-06-29 17:10:32 +00:00
dependabot-preview[bot] f17ad9aad9
Bump cloudflare from 2.8.2 to 2.8.3
Bumps [cloudflare](https://github.com/cloudflare/python-cloudflare) from 2.8.2 to 2.8.3.
- [Release notes](https://github.com/cloudflare/python-cloudflare/releases)
- [Changelog](https://github.com/cloudflare/python-cloudflare/blob/master/CHANGELOG.md)
- [Commits](https://github.com/cloudflare/python-cloudflare/compare/2.8.2...2.8.3)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-29 17:03:09 +00:00
dependabot-preview[bot] c722df1245
Merge pull request #3039 from Netflix/dependabot/pip/botocore-1.17.12 2020-06-29 17:00:53 +00:00
dependabot-preview[bot] 81457f88c9
Bump botocore from 1.17.8 to 1.17.12
Bumps [botocore](https://github.com/boto/botocore) from 1.17.8 to 1.17.12.
- [Release notes](https://github.com/boto/botocore/releases)
- [Changelog](https://github.com/boto/botocore/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/botocore/compare/1.17.8...1.17.12)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-29 16:46:32 +00:00
dependabot-preview[bot] a669e5b057
Merge pull request #3036 from Netflix/dependabot/pip/twine-3.2.0 2020-06-29 16:44:00 +00:00
dependabot-preview[bot] 80b9f97b39
Bump twine from 3.1.1 to 3.2.0
Bumps [twine](https://github.com/pypa/twine) from 3.1.1 to 3.2.0.
- [Release notes](https://github.com/pypa/twine/releases)
- [Changelog](https://github.com/pypa/twine/blob/master/docs/changelog.rst)
- [Commits](https://github.com/pypa/twine/compare/3.1.1...3.2.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-29 13:38:29 +00:00
dependabot-preview[bot] 9f641c14a9
Merge pull request #3025 from Netflix/dependabot/pip/certifi-2020.6.20 2020-06-23 00:14:12 +00:00
dependabot-preview[bot] 1d9af2eb72
Bump certifi from 2020.4.5.2 to 2020.6.20
Bumps [certifi](https://github.com/certifi/python-certifi) from 2020.4.5.2 to 2020.6.20.
- [Release notes](https://github.com/certifi/python-certifi/releases)
- [Commits](https://github.com/certifi/python-certifi/compare/2020.04.05.2...2020.06.20)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-23 00:08:05 +00:00
dependabot-preview[bot] 0003e53f5a
Merge pull request #3034 from Netflix/dependabot/pip/boto3-1.14.8 2020-06-23 00:05:24 +00:00
dependabot-preview[bot] 5ab9d7f4e8
Bump boto3 from 1.13.19 to 1.14.8
Bumps [boto3](https://github.com/boto/boto3) from 1.13.19 to 1.14.8.
- [Release notes](https://github.com/boto/boto3/releases)
- [Changelog](https://github.com/boto/boto3/blob/develop/CHANGELOG.rst)
- [Commits](https://github.com/boto/boto3/compare/1.13.19...1.14.8)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-22 23:50:41 +00:00
dependabot-preview[bot] e61ecea0f2
Merge pull request #3029 from Netflix/dependabot/pip/requests-2.24.0 2020-06-22 23:47:59 +00:00
dependabot-preview[bot] 1be0362b11
Bump requests from 2.23.0 to 2.24.0
Bumps [requests](https://github.com/psf/requests) from 2.23.0 to 2.24.0.
- [Release notes](https://github.com/psf/requests/releases)
- [Changelog](https://github.com/psf/requests/blob/master/HISTORY.md)
- [Commits](https://github.com/psf/requests/compare/v2.23.0...v2.24.0)

Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2020-06-22 23:39:56 +00:00
dependabot-preview[bot] 7ada40d1b3
Merge pull request #3031 from Netflix/dependabot/pip/arrow-0.15.7 2020-06-22 23:37:15 +00:00